Forum Discussion
Files query
Hi, I'm brand new to Defender API and I've got 2 stupid questions: 1) Are you meant to specify the hash type of a file that I'm searching for? For example, I'm using the UK API I use this: https:...
Hi CodnChips
Try to leave out the Tenant name at the front of the URL - api-uk?
It might be better to step back a level or so - what are you trying to achieve?
Cheers,
Dave C
Try to leave out the Tenant name at the front of the URL - api-uk?
It might be better to step back a level or so - what are you trying to achieve?
Cheers,
Dave C
I've found the answer to part 1 - you can't specify MD5 hashes in the GET:
So I just need some wisdom on if I can provide multiple GETs in one shot or call a list\txt file that contains multiple hashes to search for.
- David_Caddick
Hey Dave, thanks for your reply.
A different security product vendor wants to sell us a service and I'm looking to ratify their findings and determine if our Defender would know about the malicious files.
Part 1
They've provided me a list of MD5 hashes, which return no results through the API explorer. Where I've acquired the SHA256 equivalent, I get a result hit, which includes the exact MD5 hash I'd searched for (that returned no results). Therefore I don't understand the search logic.
Part 2
If I had a list\txt\csv of hashes, how can I call it into a query so that I don't have to perform a single query for every hash in the list?
Thankyou
